Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Error 268D3 and malware

I got malware and error268D3

  • This topic is locked This topic is locked

#16
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts

Maybe this is the problem

 

C:\Users\Stepan\Downloads\Fixlist.txt.one

 

Get rid of the .one after Fixlist.txt

 

so it says only --->C:\Users\Stepan\Downloads\Fixlist.txt

 

Then try it


  • 0

Advertisements


#17
traindriver

traindriver

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

did that and the same thing came up. here is the Fixlist.txt I got.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Stepan (administrator) on STEPAN-PC (25-08-2016 07:55:02)
Running from C:\Users\Stepan\Downloads
Loaded Profiles: Stepan & NeroMediaHomeUser.4 (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2016-07-21] (ABBYY Production LLC.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\RunOnce: [Uninstall C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.iinet.net.au/customers/
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
 
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> hxxps://www.iinet.net.au/customers/
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
 
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Tasty World (Moscow/RUSSIA)) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebchgchabgghpakkgbpmknjpadmpinih [2016-08-24]
CHR Extension: (Google Sheets) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Hot Shot Sniper) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbhkjoamnfmpcilggihmfeebhienpea [2015-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-01-19] ()
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S2 CLKMSVC10_90970B6B; C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [246256 2010-11-09] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-12] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [612672 2012-04-25] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [52768 2009-11-09] (ARECA Technology Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-01-19] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-10] (Intel Corp.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol GmbH)
S3 DC324e; C:\Windows\system32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol GmbH)
S3 DC3410; C:\Windows\system32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol GmbH)
S3 DC4300; C:\Windows\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol GmbH)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-12] (Intel Corp.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-17] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [17440 2009-05-26] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [651224 2012-06-30] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [32768 2007-05-02] (ITE Tech. Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51496 2012-02-29] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 mvs94xx; C:\Windows\system32\drivers\mvs94xx.sys [367920 2010-12-01] (Marvell Semiconductor, Inc.)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-06] (OCZ Technology Group, Inc.)
S3 ocz12xx; C:\Windows\system32\drivers\ocz12xx.sys [138544 2011-09-15] (OCZ Technology Group, Inc.)
S3 Pnp680; C:\Windows\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
S0 rr172x; C:\Windows\System32\drivers\rr172x.sys [124448 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [152096 2008-05-06] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [162400 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [168032 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [241472 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-17] (HighPoint Technologies, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-28] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-28] (Renesas Electronics Corporation)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-04-17] (Duplex Secure Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TplinkUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\Windows\System32\Drivers\TplinkUDSTcpBus.sys [181024 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [161904 2010-12-03] (VIA Technologies Inc.,Ltd)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-03-31] (wisecleaner.com)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp.)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 07:55 - 2016-08-25 07:55 - 00033919 _____ C:\Users\Stepan\Downloads\FRST.txt
2016-08-23 10:15 - 2016-08-23 10:15 - 00000688 _____ C:\Users\Stepan\Desktop\JRT.txt
2016-08-23 08:45 - 2016-08-23 08:52 - 00000000 ____D C:\Users\Stepan\Documents\OneNote Notebooks
2016-08-22 10:43 - 2016-08-25 07:53 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 10:43 - 2016-08-22 10:43 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 08:32 - 2016-08-22 08:33 - 01610560 _____ (Malwarebytes) C:\Users\Stepan\Desktop\JRT.exe
2016-08-21 21:04 - 2016-08-23 08:50 - 00000000 ____D C:\Users\Stepan\Desktop\Geeks to go
2016-08-21 19:29 - 2016-08-23 09:55 - 00000000 ____D C:\AdwCleaner
2016-08-21 19:28 - 2016-08-21 19:28 - 03784256 _____ C:\Users\Stepan\Desktop\adwcleaner_6.000.exe
2016-08-21 19:17 - 2016-08-25 07:54 - 00000000 ____D C:\Users\Stepan\Downloads\FRST-OlderVersion
2016-08-21 18:20 - 2016-08-21 18:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-21 18:19 - 2016-08-21 18:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2016-08-21 18:19 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-21 16:42 - 2016-08-25 07:55 - 00000000 ____D C:\FRST
2016-08-21 16:33 - 2016-08-23 10:21 - 02396672 _____ (Farbar) C:\Users\Stepan\Downloads\FRST64.exe
2016-08-21 16:11 - 2016-08-21 18:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-21 16:10 - 2005-08-25 18:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
2016-08-21 15:42 - 2016-08-21 15:42 - 00003884 _____ C:\WINDOWS\System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E}
2016-08-21 15:11 - 2016-08-24 19:38 - 00000000 ____D C:\Users\Stepan\Documents\All about the olympics
2016-08-20 15:00 - 2016-08-20 15:00 - 00001248 _____ C:\Users\Stepan\Desktop\MassEffect.exe - Shortcut.lnk
2016-08-19 10:27 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-19 10:12 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Media Center Programs
2016-08-17 09:15 - 2016-08-11 19:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-17 09:14 - 2016-05-04 10:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-17 09:14 - 2016-05-04 10:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-17 09:12 - 2016-08-11 22:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00574120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00471424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-11 13:50 - 2016-08-11 13:50 - 00001369 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-08-11 13:50 - 2016-08-11 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-08-11 11:27 - 2016-08-11 11:27 - 00114176 _____ C:\Users\Jordyn\Documents\Diet Graph for jj.pub
2016-08-10 20:00 - 2016-08-11 07:29 - 00112128 _____ C:\Users\Jordyn\Documents\Diet Graph.pub
2016-08-10 16:52 - 2016-08-10 16:52 - 00000000 ____D C:\Users\Stepan\Desktop\Rainbow Six
2016-08-10 16:50 - 2016-08-10 16:50 - 00000000 ____D C:\Users\Stepan\AppData\Local\SkinSoft
2016-08-10 14:04 - 2016-08-03 19:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 14:04 - 2016-08-03 18:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 14:04 - 2016-08-03 18:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 14:04 - 2016-08-03 18:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 18:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 18:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 18:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 18:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 14:04 - 2016-08-03 18:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 14:04 - 2016-08-03 18:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 14:04 - 2016-08-03 18:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 14:04 - 2016-08-03 18:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 14:04 - 2016-08-03 17:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 17:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 14:04 - 2016-08-03 17:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 14:04 - 2016-08-03 17:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 14:04 - 2016-08-03 17:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 14:04 - 2016-08-03 17:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 14:04 - 2016-08-03 17:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 14:04 - 2016-08-03 17:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 14:04 - 2016-08-03 17:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 17:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 17:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 14:04 - 2016-08-03 17:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 14:04 - 2016-08-03 17:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 14:04 - 2016-08-03 17:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 14:04 - 2016-08-03 17:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 14:04 - 2016-08-03 17:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 14:04 - 2016-08-03 17:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 14:04 - 2016-08-03 17:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 14:04 - 2016-08-03 17:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 14:04 - 2016-08-03 13:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 13:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 14:04 - 2016-08-03 13:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 12:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 14:04 - 2016-08-03 12:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 12:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 12:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 12:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 12:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 14:04 - 2016-08-03 12:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 12:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 14:04 - 2016-08-03 12:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 14:04 - 2016-08-03 12:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 14:04 - 2016-08-03 12:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 08:07 - 2016-08-10 08:07 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iPod
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-03 18:57 - 2016-08-03 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-08-03 18:57 - 2016-07-28 18:57 - 00002208 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-08-03 18:57 - 2016-07-28 18:57 - 00002184 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Roaming\ABBYY
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Local\ABBYY
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 07:54 - 2015-10-30 15:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-25 07:54 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 07:47 - 2016-04-27 11:32 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\FileAdvisor
2016-08-25 07:46 - 2014-01-01 13:43 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-25 07:44 - 2015-08-08 18:38 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD40C14C-7B14-4C6B-A556-FC9A47E1BD5A}
2016-08-25 07:43 - 2015-09-02 10:02 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-25 07:43 - 2014-11-29 16:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-24 21:33 - 2014-11-29 17:03 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\uTorrent
2016-08-24 21:14 - 2015-09-02 10:02 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-24 09:09 - 2016-01-19 16:50 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-24 09:09 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-24 09:03 - 2016-01-19 17:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-24 09:03 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-24 09:03 - 2015-08-08 17:46 - 00152048 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_90970B6B.sys
2016-08-24 09:02 - 2015-10-30 15:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-24 09:02 - 2015-10-30 14:28 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
2016-08-23 08:38 - 2014-11-29 20:05 - 00000000 ____D C:\torrents
2016-08-22 08:25 - 2016-01-19 16:51 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2016-08-21 21:31 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-21 19:37 - 2015-11-15 09:46 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-21 19:11 - 2013-07-21 04:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-21 19:05 - 2015-12-26 11:12 - 00000000 ____D C:\Users\Stepan\AppData\Local\CrashDumps
2016-08-21 15:41 - 2015-11-15 09:46 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-20 13:23 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Origin
2016-08-19 10:53 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-19 10:29 - 2014-12-15 14:03 - 00000000 ____D C:\Users\Stepan\Documents\BioWare
2016-08-19 10:00 - 2016-04-17 20:41 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\DAEMON Tools Lite
2016-08-19 10:00 - 2015-08-08 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Local\Packages
2016-08-18 21:14 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Stepan
2016-08-17 19:22 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-08-17 09:15 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-17 09:15 - 2015-04-21 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-16 18:44 - 2015-11-27 19:30 - 00992600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-08-16 18:44 - 2015-06-26 23:58 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-08-16 18:44 - 2015-06-16 21:56 - 00110424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-08-16 18:43 - 2015-11-27 19:30 - 00237400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-08-13 18:48 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-13 18:34 - 2015-08-11 16:21 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9BDA47A-528B-43F6-BC9E-31C050B3E1B5}
2016-08-13 10:54 - 2015-12-25 08:27 - 14199360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-12 17:22 - 2014-11-30 10:39 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-11 22:33 - 2016-07-08 13:30 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 22:33 - 2016-05-18 16:35 - 20208360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 23699584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 14476904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-11 22:33 - 2015-12-25 08:27 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-11 20:27 - 2016-01-19 16:47 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-11 20:27 - 2016-01-19 16:47 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-11 13:50 - 2015-11-27 19:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-08-11 11:28 - 2015-08-08 17:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-10 20:52 - 2015-10-30 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 20:40 - 2016-02-02 16:51 - 00000000 ____D C:\Users\Jordyn\AppData\Local\CrashDumps
2016-08-10 16:29 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 16:29 - 2013-07-21 04:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 08:25 - 2014-12-12 20:33 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Apple Computer
2016-08-10 08:25 - 2014-12-12 20:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-10 08:02 - 2014-12-12 20:34 - 00000000 ____D C:\Users\Stepan\AppData\Local\Apple Computer
2016-08-10 00:06 - 2016-01-19 16:47 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-06 13:53 - 2016-06-03 10:44 - 00000000 ____D C:\Users\Stepan\Desktop\Music Junk
2016-08-05 18:04 - 2015-03-10 18:43 - 00012928 _____ C:\Users\Jordyn\Desktop\Excel Worksheet.xlsx
2016-08-04 18:57 - 2016-07-23 13:45 - 00000000 ___RD C:\Users\Stepan\Documents\Scanned Documents
2016-08-04 10:44 - 2016-02-01 17:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Natasha
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Jordyn
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Diane
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-03 14:21 - 2014-01-02 05:35 - 00400304 __RSH C:\bootmgr
2016-07-31 15:09 - 2015-09-02 10:02 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-31 15:09 - 2015-09-02 10:02 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-29 21:34 - 2016-07-14 14:51 - 00000000 ____D C:\Users\Stepan\Documents\Trash
2016-07-28 18:57 - 2015-10-30 14:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-28 18:57 - 2015-07-10 17:05 - 00000000 ____D C:\Users\Default.migrated
 
==================== Files in the root of some directories =======
 
2016-08-21 20:06 - 2016-08-21 20:41 - 0000115 _____ () C:\Users\Stepan\AppData\Roaming\LogFile.txt
2014-11-29 21:28 - 2014-12-04 07:28 - 0000166 _____ () C:\Users\Stepan\AppData\Roaming\WB.CFG
2015-08-13 20:21 - 2015-09-07 15:49 - 212809145 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload
2015-08-13 20:21 - 2015-09-07 15:49 - 0002489 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload.aamd
2014-12-01 19:29 - 2014-12-03 07:28 - 0000001 _____ () C:\Users\Stepan\AppData\Local\DSI.DAT
2014-11-29 22:00 - 2014-11-29 22:00 - 0000036 _____ () C:\Users\Stepan\AppData\Local\housecall.guid.cache
2015-07-13 14:25 - 2015-07-13 14:25 - 0000600 _____ () C:\Users\Stepan\AppData\Local\PUTTY.RND
2016-04-20 08:22 - 2016-04-20 08:22 - 0000017 _____ () C:\Users\Stepan\AppData\Local\resmon.resmoncfg
2014-11-30 09:14 - 2015-11-22 07:58 - 0000010 _____ () C:\Users\Stepan\AppData\Local\sponge.last.runtime.cache
2016-01-19 16:47 - 2016-01-19 16:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-03 15:35 - 2014-12-03 15:35 - 0000184 _____ () C:\ProgramData\OutlookFail.20141203.log
2014-12-05 20:55 - 2014-12-05 21:06 - 0000367 _____ () C:\ProgramData\OutlookFail.20141205.log
2014-12-07 19:34 - 2014-12-07 19:34 - 0000184 _____ () C:\ProgramData\OutlookFail.20141207.log
2014-12-18 19:01 - 2014-12-18 19:01 - 0000184 _____ () C:\ProgramData\OutlookFail.20141218.log
2014-12-23 08:50 - 2014-12-23 08:50 - 0000183 _____ () C:\ProgramData\OutlookFail.20141223.log
2014-12-28 09:52 - 2014-12-28 09:52 - 0000183 _____ () C:\ProgramData\OutlookFail.20141228.log
2015-01-03 08:09 - 2015-01-03 08:09 - 0000183 _____ () C:\ProgramData\OutlookFail.20150103.log
2015-01-04 11:29 - 2015-01-04 11:29 - 0000184 _____ () C:\ProgramData\OutlookFail.20150104.log
2015-01-05 18:36 - 2015-01-05 18:36 - 0000184 _____ () C:\ProgramData\OutlookFail.20150105.log
2015-01-29 10:53 - 2015-01-29 10:53 - 0000184 _____ () C:\ProgramData\OutlookFail.20150129.log
2015-02-01 15:31 - 2015-02-01 15:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20150201.log
2015-02-02 12:05 - 2015-02-02 12:05 - 0000183 _____ () C:\ProgramData\OutlookFail.20150202.log
2015-02-05 15:41 - 2015-02-05 15:41 - 0000183 _____ () C:\ProgramData\OutlookFail.20150205.log
2015-02-07 13:45 - 2015-02-07 13:45 - 0000184 _____ () C:\ProgramData\OutlookFail.20150207.log
2015-02-11 09:46 - 2015-02-11 09:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150211.log
2015-02-12 08:40 - 2015-02-12 08:40 - 0000183 _____ () C:\ProgramData\OutlookFail.20150212.log
2015-02-13 11:24 - 2015-02-13 11:24 - 0000183 _____ () C:\ProgramData\OutlookFail.20150213.log
2015-02-14 14:19 - 2015-02-14 14:19 - 0000183 _____ () C:\ProgramData\OutlookFail.20150214.log
2015-02-20 09:03 - 2015-02-20 09:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150220.log
2015-02-21 07:13 - 2015-02-21 07:13 - 0000183 _____ () C:\ProgramData\OutlookFail.20150221.log
2015-02-24 13:30 - 2015-02-24 13:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150224.log
2015-03-03 12:30 - 2015-03-03 12:30 - 0000184 _____ () C:\ProgramData\OutlookFail.20150303.log
2015-03-04 15:08 - 2015-03-04 15:08 - 0000183 _____ () C:\ProgramData\OutlookFail.20150304.log
2015-03-10 10:10 - 2015-03-10 10:10 - 0000183 _____ () C:\ProgramData\OutlookFail.20150310.log
2015-04-01 16:04 - 2015-04-01 16:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150401.log
2015-04-06 16:46 - 2015-04-06 16:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150406.log
2015-04-08 15:04 - 2015-04-08 15:04 - 0000184 _____ () C:\ProgramData\OutlookFail.20150408.log
2015-04-09 08:03 - 2015-04-09 08:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150409.log
2015-04-10 19:04 - 2015-04-10 19:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150410.log
2015-04-12 20:09 - 2015-04-12 20:09 - 0000184 _____ () C:\ProgramData\OutlookFail.20150412.log
2015-04-19 10:29 - 2015-04-19 10:29 - 0000183 _____ () C:\ProgramData\OutlookFail.20150419.log
2015-04-23 10:45 - 2015-04-23 10:46 - 0000367 _____ () C:\ProgramData\OutlookFail.20150423.log
2015-04-29 09:15 - 2015-04-29 09:15 - 0000183 _____ () C:\ProgramData\OutlookFail.20150429.log
2015-05-05 14:30 - 2015-05-05 14:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150505.log
2015-05-07 12:48 - 2015-05-07 12:48 - 0000182 _____ () C:\ProgramData\OutlookFail.20150507.log
2015-05-14 09:45 - 2015-05-14 09:45 - 0000183 _____ () C:\ProgramData\OutlookFail.20150514.log
2015-05-18 21:35 - 2015-05-18 21:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150518.log
2015-05-28 15:54 - 2015-05-28 15:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150528.log
2015-06-17 08:14 - 2015-06-17 08:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20150617.log
2015-06-23 16:18 - 2015-06-23 16:18 - 0000184 _____ () C:\ProgramData\OutlookFail.20150623.log
2015-06-26 20:03 - 2015-06-26 20:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150626.log
2015-06-29 17:33 - 2015-06-29 17:33 - 0000183 _____ () C:\ProgramData\OutlookFail.20150629.log
2015-06-30 08:16 - 2015-06-30 08:16 - 0000183 _____ () C:\ProgramData\OutlookFail.20150630.log
2015-07-01 08:50 - 2015-07-01 15:26 - 0000366 _____ () C:\ProgramData\OutlookFail.20150701.log
2015-07-11 08:11 - 2015-07-11 08:11 - 0000183 _____ () C:\ProgramData\OutlookFail.20150711.log
2015-07-15 19:54 - 2015-07-15 19:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150715.log
2015-07-16 22:35 - 2015-07-16 22:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150716.log
2015-07-19 08:57 - 2015-07-19 19:17 - 0000368 _____ () C:\ProgramData\OutlookFail.20150719.log
2015-07-24 07:37 - 2015-07-24 07:37 - 0000183 _____ () C:\ProgramData\OutlookFail.20150724.log
2015-08-09 15:27 - 2015-08-09 15:27 - 0000183 _____ () C:\ProgramData\OutlookFail.20150809.log
2015-08-10 20:02 - 2015-08-10 20:02 - 0000182 _____ () C:\ProgramData\OutlookFail.20150810.log
2015-08-17 17:28 - 2015-08-17 17:28 - 0000183 _____ () C:\ProgramData\OutlookFail.20150817.log
2015-08-18 14:15 - 2015-08-18 14:15 - 0000366 _____ () C:\ProgramData\OutlookFail.20150818.log
2015-08-19 19:36 - 2015-08-19 19:36 - 0000183 _____ () C:\ProgramData\OutlookFail.20150819.log
2015-08-23 16:28 - 2015-08-23 21:25 - 0000367 _____ () C:\ProgramData\OutlookFail.20150823.log
2015-09-10 16:44 - 2015-09-10 16:44 - 0000183 _____ () C:\ProgramData\OutlookFail.20150910.log
2015-09-11 07:30 - 2015-09-11 07:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150911.log
2015-09-18 16:35 - 2015-09-18 17:05 - 0000367 _____ () C:\ProgramData\OutlookFail.20150918.log
2015-10-15 06:31 - 2015-10-15 06:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20151015.log
2015-10-21 19:51 - 2015-10-21 19:51 - 0000183 _____ () C:\ProgramData\OutlookFail.20151021.log
2015-10-24 12:02 - 2015-10-24 12:02 - 0000183 _____ () C:\ProgramData\OutlookFail.20151024.log
2015-11-05 13:25 - 2015-11-05 13:36 - 0000368 _____ () C:\ProgramData\OutlookFail.20151105.log
2015-11-15 09:18 - 2015-11-15 09:18 - 0000183 _____ () C:\ProgramData\OutlookFail.20151115.log
2015-11-25 20:38 - 2015-11-25 20:38 - 0000183 _____ () C:\ProgramData\OutlookFail.20151125.log
2015-11-26 18:14 - 2015-11-26 18:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20151126.log
 
Some files in TEMP:
====================
C:\Users\Stepan\AppData\Local\Temp\libeay32.dll
C:\Users\Stepan\AppData\Local\Temp\msvcr120.dll
C:\Users\Stepan\AppData\Local\Temp\sqlite3.dll
 

==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-08-19 19:50
 
==================== End of FRST.txt ============================

  • 0

#18
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts

Hello,

That's not a fixlist you posted that's called FRST.txt

 

C:\Users\Stepan\Downloads\FRST.txt
C:\Users\Stepan\Downloads\FRST-OlderVersion
(Farbar) C:\Users\Stepan\Downloads\FRST64.exe

Now there is no Fixlist.txt in the downloads folder as seen above, if we have lost the fixlist from the downloads folder and it looks like we have because I don see it you may need to do the fix again.

 

So lets do it

 

Click on Fixlist.txt below Save it, save it to the downloads folder once its in the downloads folder, then right click on FRST64.exe Choose "Run as administrator"  then FRST64.exe will open, when it opens click on fix, it will make a log called Fixlog.txt post it

 

Here you go:

Download the enclosed => file.Attached File  fixlist.txt   6.03KB   56 downloads  Save it in the location FRST64 is. C:\Users\Stepan\Downloads. Run FRST and click on the Fix button. Wait until finished.

The tool will make a log in the location FRST64.exe is, C:\Users\Stepan\Downloads (Fixlog.txt). Please post it to your reply.


  • 0

#19
traindriver

traindriver

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

it is still sayin there is no log even though I followed your instructions exactly. should we reinstall it?


  • 0

#20
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts

I don't think we need to reinstall anything, FRST64. exe says there is no log because there probably still is no Fixlist.txt in the downloads folder. Do you see a Fixlist .txt in your downloads folder ?


  • 0

#21
traindriver

traindriver

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Now I do. CloseProcesses:
CreateRestorePoint:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
U3 idsvc; no ImagePath
2016-08-21 20:06 - 2016-08-21 20:43 - 00000486 _____ C:\WINDOWS\Tasks\SparkTrust Registration3.job
2016-08-21 20:06 - 2016-08-21 20:43 - 00000444 _____ C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
2016-08-21 20:06 - 2016-08-21 20:43 - 00000444 _____ C:\WINDOWS\Tasks\SparkTrust Update Version3.job
2016-08-21 20:06 - 2016-08-21 20:06 - 00004254 _____ C:\WINDOWS\System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE
2016-08-21 20:06 - 2016-08-21 20:06 - 00003406 _____ C:\WINDOWS\System32\Tasks\SparkTrust Update Version3
2016-08-21 20:06 - 2016-08-21 20:06 - 00003294 _____ C:\WINDOWS\System32\Tasks\SparkTrust Registration3
2016-08-21 20:06 - 2016-08-21 20:06 - 00003094 _____ C:\WINDOWS\System32\Tasks\SparkTrust Update Version3_triggeronce
2016-08-21 20:06 - 2016-08-21 20:06 - 00001426 _____ C:\Users\Stepan\Desktop\SparkTrust PC Cleaner Plus.lnk
2016-08-21 20:06 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:43 - 00000667 _____ C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job
2016-08-21 20:05 - 2016-08-21 20:06 - 00000000 ____D C:\Program Files\BDServices
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\ProgramData\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2016-08-21 20:03 - 2016-08-21 20:04 - 11088144 _____ (SparkTrust) C:\Users\Stepan\Downloads\SparkTrust PC Cleaner Plus Setup_1F211128-B6AC-40FA-BE7A-C91E70D03CC7_.exe
2016-08-21 19:33 - 2016-08-21 19:33 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Stepan\Downloads\SpyHunter-Installer.exe
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
Task: {0FD865E9-13E1-4D13-B7B0-F8279830C371} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {265E76CD-C262-4E19-8781-7E9316A505F0} - System32\Tasks\SparkTrust Update Version3_triggeronce => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2016-07-27] (SparkTrust Systems) <==== ATTENTION
Task: {38329735-9504-44AE-BB5E-C63402669E49} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {406C3957-E1AD-4F75-AADF-C7236DFD490A} - System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe [2016-07-27] (SparkTrust) <==== ATTENTION
Task: {4A75A742-B6E7-4E25-A977-B9AD971C7A45} - System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\eff4e719\f83d0aa8.dll" <==== ATTENTION
Task: {5E4A78C5-7A35-46B5-B7F1-D952E005E80F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {64760BA2-B14F-4EDA-9829-9AF1E1256EB9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\Program Files (x86)\SparkTrust\
"C:\PROGRA~3\eff4e719\
Task: {6BB1DE5D-0059-4897-9073-82A66A9550B2} - System32\Tasks\SparkTrust Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {6DD497D5-8A0B-48C2-A1EB-22939F61FBB7} - System32\Tasks\SparkTrust Update Version3 => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2016-07-27] (SparkTrust Systems) <==== ATTENTION
"C:\Program Files (x86)\Common Files\SparkTrust
Task: {7FB6A892-0DA9-4B60-A9F1-66B399DA5302} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9DF7118D-75B8-49D9-9EB3-E48F3279A1B6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AC23D927-41EF-4122-BD7F-549943AD8639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BF7E63CC-73B2-42B5-8CB3-336E12CCA355} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D9420185-3A37-4973-B2F6-85C5489AA2F9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E61F3361-C27B-4AA2-897E-A89429B6ED4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8EDA1A2-E2A0-44CB-A753-C7E5392A300E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Registration3.job => rundll32.exe  C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:


  • 0

#22
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts

Ok, Hopefully that's in the downloads folder and not on the desktop.

 

 

That's the Fixlist, now go back to the downloads folder and find -->C:\Users\Stepan\Downloads\FRST64.exe

 

Right click on FRST64.exe "Run as administrator" when it opens click on fix. If it works it will make a New log called Fixlog.txt

 

Let me know what happens


  • 0

#23
traindriver

traindriver

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

It worked and pc rebooted.

here is the log after reboot.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by Stepan (25-08-2016 11:19:55) Run:1
Running from C:\Users\Stepan\Downloads
Loaded Profiles: Stepan & NeroMediaHomeUser.4 (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
U3 idsvc; no ImagePath
2016-08-21 20:06 - 2016-08-21 20:43 - 00000486 _____ C:\WINDOWS\Tasks\SparkTrust Registration3.job
2016-08-21 20:06 - 2016-08-21 20:43 - 00000444 _____ C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
2016-08-21 20:06 - 2016-08-21 20:43 - 00000444 _____ C:\WINDOWS\Tasks\SparkTrust Update Version3.job
2016-08-21 20:06 - 2016-08-21 20:06 - 00004254 _____ C:\WINDOWS\System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE
2016-08-21 20:06 - 2016-08-21 20:06 - 00003406 _____ C:\WINDOWS\System32\Tasks\SparkTrust Update Version3
2016-08-21 20:06 - 2016-08-21 20:06 - 00003294 _____ C:\WINDOWS\System32\Tasks\SparkTrust Registration3
2016-08-21 20:06 - 2016-08-21 20:06 - 00003094 _____ C:\WINDOWS\System32\Tasks\SparkTrust Update Version3_triggeronce
2016-08-21 20:06 - 2016-08-21 20:06 - 00001426 _____ C:\Users\Stepan\Desktop\SparkTrust PC Cleaner Plus.lnk
2016-08-21 20:06 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:43 - 00000667 _____ C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job
2016-08-21 20:05 - 2016-08-21 20:06 - 00000000 ____D C:\Program Files\BDServices
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\ProgramData\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2016-08-21 20:03 - 2016-08-21 20:04 - 11088144 _____ (SparkTrust) C:\Users\Stepan\Downloads\SparkTrust PC Cleaner Plus Setup_1F211128-B6AC-40FA-BE7A-C91E70D03CC7_.exe
2016-08-21 19:33 - 2016-08-21 19:33 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Stepan\Downloads\SpyHunter-Installer.exe
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
Task: {0FD865E9-13E1-4D13-B7B0-F8279830C371} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {265E76CD-C262-4E19-8781-7E9316A505F0} - System32\Tasks\SparkTrust Update Version3_triggeronce => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2016-07-27] (SparkTrust Systems) <==== ATTENTION
Task: {38329735-9504-44AE-BB5E-C63402669E49} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {406C3957-E1AD-4F75-AADF-C7236DFD490A} - System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe [2016-07-27] (SparkTrust) <==== ATTENTION
Task: {4A75A742-B6E7-4E25-A977-B9AD971C7A45} - System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\eff4e719\f83d0aa8.dll" <==== ATTENTION
Task: {5E4A78C5-7A35-46B5-B7F1-D952E005E80F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {64760BA2-B14F-4EDA-9829-9AF1E1256EB9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\Program Files (x86)\SparkTrust\
"C:\PROGRA~3\eff4e719\
Task: {6BB1DE5D-0059-4897-9073-82A66A9550B2} - System32\Tasks\SparkTrust Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {6DD497D5-8A0B-48C2-A1EB-22939F61FBB7} - System32\Tasks\SparkTrust Update Version3 => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2016-07-27] (SparkTrust Systems) <==== ATTENTION
"C:\Program Files (x86)\Common Files\SparkTrust
Task: {7FB6A892-0DA9-4B60-A9F1-66B399DA5302} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9DF7118D-75B8-49D9-9EB3-E48F3279A1B6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AC23D927-41EF-4122-BD7F-549943AD8639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BF7E63CC-73B2-42B5-8CB3-336E12CCA355} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D9420185-3A37-4973-B2F6-85C5489AA2F9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E61F3361-C27B-4AA2-897E-A89429B6ED4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8EDA1A2-E2A0-44CB-A753-C7E5392A300E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Registration3.job => rundll32.exe  C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************
 
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value removed successfully
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value removed successfully
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => key removed successfully
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => key not found.
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3507FA00-ADA2-4A02-99B9-51AD26CA9120} => value removed successfully
HKCR\CLSID\{3507FA00-ADA2-4A02-99B9-51AD26CA9120} => key not found.
"HKCR\PROTOCOLS\Handler\tmtbim" => key removed successfully
"HKCR\CLSID\{0B37915C-8B98-4B9E-80D4-464D2C830D10}" => key removed successfully
idsvc => service removed successfully
"C:\WINDOWS\Tasks\SparkTrust Registration3.job" => not found.
"C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job" => not found.
"C:\WINDOWS\Tasks\SparkTrust Update Version3.job" => not found.
"C:\WINDOWS\System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE" => not found.
"C:\WINDOWS\System32\Tasks\SparkTrust Update Version3" => not found.
"C:\WINDOWS\System32\Tasks\SparkTrust Registration3" => not found.
"C:\WINDOWS\System32\Tasks\SparkTrust Update Version3_triggeronce" => not found.
"C:\Users\Stepan\Desktop\SparkTrust PC Cleaner Plus.lnk" => not found.
"C:\Users\Stepan\AppData\Roaming\SparkTrust" => not found.
"C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job" => not found.
"C:\Program Files\BDServices" => not found.
"C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust" => not found.
"C:\ProgramData\SparkTrust" => not found.
"C:\Program Files (x86)\SparkTrust" => not found.
"C:\Users\Stepan\Downloads\SparkTrust PC Cleaner Plus Setup_1F211128-B6AC-40FA-BE7A-C91E70D03CC7_.exe" => not found.
"C:\Users\Stepan\Downloads\SpyHunter-Installer.exe" => not found.
C:\Users\Stepan\AppData\Roaming\Lavasoft => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FD865E9-13E1-4D13-B7B0-F8279830C371}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FD865E9-13E1-4D13-B7B0-F8279830C371}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{265E76CD-C262-4E19-8781-7E9316A505F0} => key not found.
C:\WINDOWS\System32\Tasks\SparkTrust Update Version3_triggeronce => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SparkTrust Update Version3_triggeronce => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38329735-9504-44AE-BB5E-C63402669E49}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38329735-9504-44AE-BB5E-C63402669E49}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{406C3957-E1AD-4F75-AADF-C7236DFD490A} => key not found.
C:\WINDOWS\System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A75A742-B6E7-4E25-A977-B9AD971C7A45}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A75A742-B6E7-4E25-A977-B9AD971C7A45}" => key removed successfully
C:\WINDOWS\System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79D1CF0C-9F02-5AB2-8460-E7159068251E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E4A78C5-7A35-46B5-B7F1-D952E005E80F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E4A78C5-7A35-46B5-B7F1-D952E005E80F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64760BA2-B14F-4EDA-9829-9AF1E1256EB9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64760BA2-B14F-4EDA-9829-9AF1E1256EB9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"C:\Program Files (x86)\SparkTrust" => not found.
"C:\PROGRA~3\eff4e719" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BB1DE5D-0059-4897-9073-82A66A9550B2} => key not found.
C:\WINDOWS\System32\Tasks\SparkTrust Registration3 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SparkTrust Registration3 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD497D5-8A0B-48C2-A1EB-22939F61FBB7} => key not found.
C:\WINDOWS\System32\Tasks\SparkTrust Update Version3 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SparkTrust Update Version3 => key not found.
"C:\Program Files (x86)\Common Files\SparkTrust" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7FB6A892-0DA9-4B60-A9F1-66B399DA5302}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB6A892-0DA9-4B60-A9F1-66B399DA5302}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DF7118D-75B8-49D9-9EB3-E48F3279A1B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DF7118D-75B8-49D9-9EB3-E48F3279A1B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC23D927-41EF-4122-BD7F-549943AD8639}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC23D927-41EF-4122-BD7F-549943AD8639}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF7E63CC-73B2-42B5-8CB3-336E12CCA355}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF7E63CC-73B2-42B5-8CB3-336E12CCA355}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9420185-3A37-4973-B2F6-85C5489AA2F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9420185-3A37-4973-B2F6-85C5489AA2F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E61F3361-C27B-4AA2-897E-A89429B6ED4E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E61F3361-C27B-4AA2-897E-A89429B6ED4E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F8EDA1A2-E2A0-44CB-A753-C7E5392A300E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8EDA1A2-E2A0-44CB-A753-C7E5392A300E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job => not found.
C:\WINDOWS\Tasks\SparkTrust Registration3.job => not found.
C:\WINDOWS\Tasks\SparkTrust Update Version3.job => not found.
C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job => not found.
 
========= netsh advfirewall reset =========
 
Ok.
 

========= End of CMD: =========
 

========= netsh advfirewall set allprofiles state Off =========
 
Ok.
 

========= End of CMD: =========
 

========= bitsadmin /reset /allusers =========
 

BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{1D482862-F05C-4A17-BA78-12CB1283AE12} canceled.
{DF7B8F0A-6EC5-4662-B9D5-A32F3BB402F0} canceled.
{6DBCF1FE-5EAA-42B9-9DA0-BAB8660CECFC} canceled.
{D148D3DB-37E4-4C78-8004-AF871198F389} canceled.
{154A1ECF-13F3-4862-AFF0-C445B00AD564} canceled.
5 out of 5 jobs canceled.
 
========= End of CMD: =========
 

========= netsh winsock reset catalog =========
 

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 

========= End of CMD: =========
 

========= ipconfig /flushdns =========
 

Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 

========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 

========= End of RemoveProxy: =========
 
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 164234577 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 20597795 B
Edge => 116057224 B
Chrome => 378736979 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 6144 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 20030500 B
NetworkService => 12 B
Stepan => 35151629 B
NeroMediaHomeUser.4 => 1515520 B
Jordyn => 40938753 B
Natasha => 20929288 B
Diane => 39235 B
DefaultAppPool => 0 B
 
RecycleBin => 0 B
EmptyTemp: => 761.3 MB temporary data Removed.
 
================================
 

The system needed a reboot.
 
==== End of Fixlog 11:21:11 ====

  • 0

#24
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Congratulations on a job well done traindriver !

What issues remain with the computer ?

Thanks
Joe :)
  • 0

#25
traindriver

traindriver

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Thanks joe you are awesome, kids got a rocket for that one. no internet for 1 week except for homework.

 

Had a problem with IE 11. resolved that by uninstalling it an keeping edge.

I use to be able to type anything in the address bar and if it wasn't a web address it would go to google. That has stoped now . How do I fix that?

 

Regards

Stepan


  • 0

Advertisements


#26
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Hello,

I use to be able to type anything in the address bar and if it wasn't a web address it would go to google. That has stoped now . How do I fix that?


Do you mean for the edge browser ?
  • 0

#27
traindriver

traindriver

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

sorry. microsoft edge which is windows 10 internet browser.


  • 0

#28
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts

Hello,

 

You might try resetting the Edge browser see link below:

 

http://www.howtogeek...-in-windows-10/

 

Thanks

Joe :)


  • 0

#29
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP